DATA SECURITY

Terralogic Adopts Stellar Cyber’s Open XDR Security Platform to Deliver Comprehensive View of Customer Security

Stellar Cyber | December 07, 2021

Stellar Cyber, the leading security operations platform for MSSPs and innovator of Open XDR, announced today that a top 250 MSSP and technology integrator Terralogic has adopted the Stellar Cyber Open XDR platform to bring new levels of visibility and security to its customers across India.

“We are always seeking new tools that help us deliver world-class security services for our customers,” said Sandeep Vijayaraghavan, VP of Cybersecurity at Terralogic. “The Stellar Cyber Open XDR platform is the first we’ve seen that unifies and correlates data from our various security tools to present a single, comprehensive view of our customers’ security.”

Unlike stand-alone tools that simply capture device logs or protect network endpoints, Stellar Cyber’s Open XDR platform aggregates data inputs from all existing security tools, analyzes it for anomalies, and presents contextual, prioritized security incidents in an intuitive dashboard. For the first time, Stellar Cyber’s platform gives MSSP security professionals a single console to view customers’ entire security profiles and to take quick action when threats are detected.

“We aim to be the leading MSSP in the Indian subcontinent, and for years we have offered a range of cybersecurity services to our customers,” said Renil Komitla, CEO of Terralogic. “Stellar Cyber’s platform gives us a new ability to rise above the competition.”

“When an MSSP has dozens or hundreds of customers, it’s impossible to keep up with cyberattacks in a timely manner using siloed security tools,” said Brian Stoner, VP of the MSSP business unit at Stellar Cyber. “Our automated and intuitive platform helps MSSPs like Terralogic see the big picture and get a true grasp of what’s going on in a network and how to remediate issues.”

About Terralogic
Terralogic is the ideal cyber-expert for the next generation business. We provide intelligent cybersecurity solutions that help customers define the right framework, and our solutions include VAPT, Compromise Assessment, Cloud Security, Threat Hunting, Security Solution Deployment & Incident Management. Since 2008, Terralogic has been rendering futuristic technology services for the forward-looking connected world. Our target centric DNA ensures ahead of the time engineering expertise following client roadmap and business needs. Our services encompass, UI/UX, Digital Transformation, Engineering, SAAS, IT Infrastructure services, MSSP, Cloud and Support Services, not to mention our innovations in the field of Emerging technologies viz IoT, AR/VR, and Data Science. We deep dive into enterprise goals to get to the heart of the criteria, maintaining a macro-view while researching trends and evolving models. Terralogic provides advisory consulting and IT services for Automotive, Communications, Construction, E-commerce, Gaming, Healthcare, Manufacturing, Media & Entertainment, Retail, Travel & Transportation industries.

About Stellar Cyber
Stellar Cyber’s Open XDR platform delivers Everything Detection and Response by ingesting data from all tools, automatically correlating alerts into incidents across the entire attack surface, delivering fewer and higher-fidelity incidents, and responding to threats automatically through AI and machine learning. Our XDR Kill Chain™, fully compatible with the MITRE ATT&CK framework, is designed to characterize every aspect of modern attacks while remaining intuitive to understand. This reduces enterprise risk through early and precise identification and remediation of all attack activities while slashing costs, retaining investments in existing tools and accelerating analyst productivity. Typically, our platform delivers an 8X improvement in MTTD and a 20X improvement in MTTR. The company is based in Silicon Valley.

Spotlight

For the third consecutive year, Keyfactor and The Ponemon Institute have collaborated on the State of Machine Identity Management report —an in-depth look at the role of PKI and machine identities in establishing digital trust and securing modern enterprises. This year’s report provides an analysis of 1,280 survey responses from

Spotlight

For the third consecutive year, Keyfactor and The Ponemon Institute have collaborated on the State of Machine Identity Management report —an in-depth look at the role of PKI and machine identities in establishing digital trust and securing modern enterprises. This year’s report provides an analysis of 1,280 survey responses from

Related News

DATA SECURITY, ENTERPRISE IDENTITY, NETWORK THREAT DETECTION

ForgeRock is the First Identity Platform to Fully Eliminate Passwords

ForgeRock | March 21, 2023

ForgeRock®, a global digital identity leader, today announced ForgeRock Enterprise Connect Passwordless, a new passwordless authentication solution that eliminates the need for users to interact with passwords inside large organizations. Enterprise Connect Passwordless is the latest addition to ForgeRock’s industry-leading, passwordless authentication portfolio for consumer and workforce use cases. Developed through ForgeRock’s strategic partnership with Secret Double Octopus, the new solution, integrated into ForgeRock Identity Platform, protects the most commonly used and vulnerable enterprise resources such as servers, workstations, remote desktops, and VPNs. It helps large enterprises proactively defend against costly cyber-attacks and unauthorized access by providing a passwordless experience to legacy applications, systems and services. In turn, organizations can deliver an employee experience that empowers people to access their information without needing to know a password. “The move to passwordless authentication will fundamentally change every digital experience on the planet, starting with the most common experience of all - logging in,” said Peter Barker, Chief Product Officer, ForgeRock. “With the addition of Enterprise Connect Passwordless, ForgeRock is the only solution to offer a full spectrum of passwordless capabilities that help employees and consumers say goodbye to remembering their passwords.” Organizations deploying ForgeRock Enterprise Connect Passwordless become a more secure enterprise by removing employee interaction with passwords, and reducing the risk of compromise. Benefits include eliminating employee account lockouts and reducing the volume of IT tickets, which can lower operational costs from help desk interactions, increase workforce productivity and enhance the user experience. Removing Passwordless Orchestration and Deployment Complexities ForgeRock Enterprise Connect Passwordless uses next generation identity orchestration capabilities that allow enterprises to easily design and implement passwordless login and access journeys tailored to their unique security and experience needs. With ForgeRock, organizations now have the freedom to move to passwordless at their own pace – without it being an “all or nothing” experience. “When an organization decides it wants to go passwordless to improve user experiences, that can be a heavy lift, made lighter when accompanied by user journey orchestration technology,” said Jay Bretzmann, Research Vice President, Security Products, IDC. “The ability to rapidly create login experiences tailored to groups of diverse individuals is an imperative for modern enterprises. Orchestration not only provides the tools to do this, but also the ability to ‘fine-tune’ journeys in real-time. What used to take programmers and developers weeks or months can now be accomplished by non-technical IT or identity staff for a fraction of the time and cost.” Available in Q2, Enterprise Connect Passwordless augments the company’s existing passwordless capabilities, adding to the ongoing work ForgeRock has been doing to eliminate consumer passwords for more than a decade. A History of Paving the Passwordless Path for Enterprises The ForgeRock Identity Platform has an extensive history of providing organizations several options to help deploy passwordless authentication for mobile and web applications to reduce fraud and improve the user experience. ForgeRock can accelerate passwordless deployment with integration for applications, support for identity standards, easy to use workflows to enable workforce and CIAM passwordless user journeys, and web-based passwordless authentication through a browser using passkeys in their mobile devices. ForgeRock already supports passwordless authentication capabilities through FIDO2 WebAuthn standards and passkeys within the ForgeRock Identity Cloud, low-code, no-code access orchestration with ForgeRock Intelligent Access and AI-driven threat protection within ForgeRock Autonomous Access. ForgeRock also has alliances with partners that have developed curated FIDO solutions for many different types of applications. About ForgeRock ForgeRock® is a global digital identity leader helping people simply and safely access the connected world. The ForgeRock Identity Platform delivers enterprise-grade identity solutions at scale for customers, employees, and connected devices. More than 1,300 organizations depend on ForgeRock’s comprehensive platform to manage and secure identities with identity orchestration, dynamic access controls, governance, and APIs in any cloud or hybrid environment.

Read More

DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

Noname Security Expands API Security Platform To Help Organisations Increase Cyber Resilience

Prnewswire | March 30, 2023

Noname Security, the leading provider of complete API security solutions, today announced major enhancements to its market-leading API security platform to help organisations protect their API ecosystem, secure their applications, and increase cyber resilience. With the fastest, most flexible, and most comprehensive solution on the market, Noname Security continues to define API security. Noname Enables Secure Growth with API Security Innovation Today, APIs drive business, delivering value to customers, clients, patients, users, shareholders, and more. However, securing APIs – and all of the critical assets they connect – has become more difficult than ever as APIs attacks have increased exponentially. IBM Security X-Force reported that two-thirds of its analysed incidents were due to unsecure APIs. "APIs are the connective tissue for the digital world, but the explosion in API use has created new and rapidly growing threats to organisations across the globe. We created the Noname API Security Platform to uniquely address the modern API ecosystem, with discovery, insight, protection, and testing capabilities," said Shay Levi, Co-Founder and CTO at Noname Security. "Doing so means not only securing APIs and their use, but also improving the speed at which our customers can expand their business." The Noname API Security Platform Continues to Define API Security Noname's latest major release delivers new capabilities across the entire platform – covering discovery, posture management, runtime protection, pre-production testing, and deployment – to help customers: Discover More & Strengthen Security Posture Noname Security's Discovery and Posture Management solutions locate and provide insight to every API in an organisation's ecosystem, uncovering vulnerabilities (including the most recent OWASP API Top Ten), protecting sensitive data, and proactively monitoring for changes, including in OpenAPI and other specifications. New capabilities enable customers to: Gain complete visibility and detailed insights to protect APIs with customisable discovery, flexible tagging, and datatype assignments – including PII, PCI, PHI, and custom categories – for grouping APIs by application, business unit, and more. Understand APIs in rich context with visualisations of business logic, physical network infrastructure, and API traffic to understand specific interactions and behaviour patterns. Secure containerised applications with enhanced discovery and detection for Kubernetes (k8s). Prioritise resources and eliminate blind spots with extensive infrastructure inventories for AWS and Azure, enabling organisations to find unprotected APIs, map the connections between APIs and infrastructure resources, pinpoint resources that could increase the attack surface, and resolve potential issues with full context. Stop Attacks with Runtime Protection Noname Security Runtime Protection detects and blocks API attacks with real-time traffic analysis, out-of-band monitoring, inline remediation options, and workflow integrations to increase SOC effectiveness. New capabilities enable customers to: Identify business-logic-based attacks immediately with updates to the industry's most advanced anomaly detection engine using artificial intelligence & machine learning (AI/ML), including unsupervised online learning. Reduce Mean-Time-To-Resolution (MTTR) with more context on issue records, including detailed remediation guidance and tools for deeper investigation. Fully align with security operations center (SOC) processes with automation, custom workflows, and integrations with existing systems such as ITSM, SIEM, SOAR, and more. Deliver Secure APIs Faster with Active Testing Noname Security Active Testing is a purpose-built API security testing solution that helps organisations easily add security into the CI/CD pipeline without sacrificing speed. The newest version of Active Testing enables customers to: Shift left with integrations into the entire software development lifecycle (SDLC). Teams get dynamic API visibility across multiple states and environments throughout the CI/CD process. Leave no API untested with a unique ability to find and test every API based on an understanding of the application's business logic. Empower developers with best-in-class usability such as simple setup & automation, in-line test results, and contextual guidance for request failure mitigation. Continuously Adapt to Changing Environments Noname Security offers the most flexible and comprehensive set of deployment and integration options available. New capabilities enable customers to: Rapidly realise value with simplified step-by-step onboarding and in-app guidance. Meet any deployment requirement with both agentless and agent-based options, including eBPF, and both out-of-band and inline protection options. Easily manage complex deployments with automatic updates across cloud-hosted, self-hosted, hybrid, and distributed deployments. Maintain data residency and reduce overhead with remote engines to aggregate traffic into a centralised console, allowing you to keep data within your control and reducing traffic. Meet strict public-sector compliance requirements with a new hardened virtual appliance. See the entire attack surface with additional integrations and improvements to Akamai, AWS ECS, Cloudflare, Oracle Cloud Infrastructure, Citrix, and other connectors. Staying Ahead of Attackers Built by the largest team of API security researchers and developers in the industry, the Noname API Security Platform helps organisations proactively find vulnerabilities, stop attacks, reduce the risk of costly incidents, and ensure business continuity. "Improving security posture and shifting from reactive to proactive does more than reduce risk. It allows the entire enterprise to change its position in the market from follower to leader," said Oz Golan, CEO and Co-Founder of Noname Security. About Noname Security Noname Security is the only company taking a complete, proactive approach to API Security. Noname works with 20% of the Fortune 500 and covers the entire API security scope — Discovery, Posture Management, Runtime Protection, and API Security Testing. Noname Security is privately held, remote-first with headquarters in Silicon Valley, California, and offices in Tel Aviv and Amsterdam.

Read More

PLATFORM SECURITY, SOFTWARE SECURITY, CLOUD SECURITY

Orca Security is First CNAPP to Integrate with Microsoft Azure OpenAI GPT-4

Businesswire | May 05, 2023

Orca Security, the pioneer of agentless cloud security, today announced its full integration with Microsoft Azure OpenAI GPT-4. The integration builds on the ChatGPT implementation in the Orca Cloud Security platform announced in January and makes it the first cloud-native application protection platform (CNAPP) to support GPT-4 through the Azure OpenAI Service. In addition to the integration, Orca announced several new features for its ChatGPT integration. The Microsoft Azure OpenAI Service provides REST API access to OpenAI's ChatGPT technology. With this new Microsoft integration, Orca Security customers can benefit not only from the greatly improved functionality in GPT-4, but also from the security and enterprise support that Microsoft provides. This includes the benefits of privacy of customer data submitted to the service, compliance with key regulations such as HIPAA and SOC2, an uptime SLA of 99.9%, and regional availability for lower latency and increased reliability. Since introducing GPT-3 support in the Orca Platform in January, customers have used it to dramatically reduce their mean-time-to-remediation (MTTR). Security practitioners can instantly generate high-quality remediation instructions for each alert straight from the Orca Platform. These instructions can simply be copied and pasted into platforms such as Terraform, Pulumi, AWS CloudFormation, AWS Cloud Development Kit, Azure Resource Manager, Google Cloud Deployment Manager, and Open Policy Agent. If more information is needed, users can ask ChatGPT follow-up questions directly from the Orca Platform. With the transition to GPT-4, customers will benefit from the model’s improved accuracy as well as its ability to generate code snippets. “The customer response to our integration with GPT has been incredibly positive,” said Gil Geron, CEO at Orca Security. “It’s been amazing to see customers embrace it in so many ways to gain dramatic efficiency improvements. With our integration with GPT-4 through the Azure OpenAI Service, we continue to improve accuracy and ensure privacy to protect our customers’ data while maximizing its benefit.” In addition to transitioning from GPT-3 to Azure OpenAI GPT-4, Orca made several other enhancements to its integration, including prompt improvements to ensure further optimization of remediation responses; a new Open Policy Agent (OPA) remediation method; and the ability to include remediation steps in Jira tickets when assigning cloud security issues. The Azure OpenAI GPT-4 integration is available immediately. To learn more, please read the blog post published today. About Orca Security Orca Security is the pioneer of agentless cloud security that is trusted by hundreds of enterprises globally. Orca makes cloud security possible for enterprises moving to and scaling in the cloud with its patented SideScanning™ technology and Unified Data Model. The Orca Cloud Security Platform delivers the world’s most comprehensive coverage and visibility of all risks across the cloud. With continuous first-to-market innovations and expertise, the Orca Platform ensures security teams quickly identify and remediate risks to keep their businesses secure. Connect your first account in minutes: https://orca.security or take the free cloud risk assessment.

Read More